<?php
// Open (or resume) the PHP session before any output is produced.
session_start();

// Database bootstrap script. Presumably it opens the MySQL link that the
// mysql_* calls in this file rely on -- confirm against db_connect.php.
include '../include/db_connect.php';

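/**
 * Check the HTTP Basic credentials of the current request against the
 * USERNAME table.
 *
 * A row only matches when the user name and password hash are equal,
 * admin = 1 and status = 'act'.
 *
 * @return mixed The idUSERNAME value of the matching row, or false when the
 *               request carries no credentials or no row matches.
 */
function inDB(){
    // Without an Authorization header there is nothing to look up; bail out
    // before touching the missing $_SERVER keys or the database.
    if (!isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
        return false;
    }

    // The user name is taken verbatim from the request, so it is escaped
    // before being placed inside the quoted SQL literal.
    // NOTE(review): mysql_real_escape_string() depends on the connection
    // character set -- confirm db_connect.php sets it with mysql_set_charset().
    $user = mysql_real_escape_string($_SERVER['PHP_AUTH_USER']);

    // NOTE(review): unsalted MD5 is not a suitable password hash. It is kept
    // here because the stored `wachtwoord` values are MD5 digests; plan a
    // migration to password_hash()/password_verify().
    $password = md5($_SERVER['PHP_AUTH_PW']);

    $queryL = "SELECT idUSERNAME, gebruikers_naam, wachtwoord FROM USERNAME
                  WHERE BINARY
                  gebruikers_naam='".$user."'
                  AND
                  wachtwoord='".$password."'
                  AND
                  admin = 1
                  AND
                  status='act'";

    $resL = mysql_query($queryL);
    if ($resL === false) {
        // This runs before authentication: keep the driver error in the
        // server log instead of sending it to the client.
        error_log('inDB: '.mysql_error());
        die('Database error.');
    }

    $usR = mysql_fetch_array($resL);
    if ($usR === false) {
        return false;
    }
    return $usR['idUSERNAME'];
}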

// Resolve the request's Basic-auth credentials once: $usR holds the
// idUSERNAME of the matching admin row, or false when inDB() finds none.
$usR = inDB();


?>
<style type="text/css">
div#noPermission{
margin-left:auto;
margin-right:auto;
text-align:center;
}
#noPermission a{
text-decoration:none;
color: #000000;
}
#noPermission a:hover{
text-decoration:none;
color: #ff0000;
}
#noPermissionImage a{
margin-top:-30px;
margin-left:auto;
margin-right:auto;
background-image:url('images_admin/icon_stop.png');
display:block;
width:512px;
height:512px;
text-decoration:none;
color: #000000;
}
#noPermissionImage a:hover{
margin-top:-30px;
margin-left:auto;
margin-right:auto;
background-image:url('images_admin/icon_stop2.png');
display:block;
width:512px;
height:512px;
text-decoration:none;
color: #ff0000;
}
</style>
<?php
// Challenge the client when no credentials were sent or the lookup failed.
// NOTE(review): the <style> block earlier on this page has already been
// written to the response when this runs. Unless output buffering is active,
// header() fails with "headers already sent", the 401 challenge never reaches
// the browser and only the notice below is shown.
$challengeNeeded = !isset($_SERVER['PHP_AUTH_USER']) || $usR === false;
if ($challengeNeeded) {
    header('WWW-Authenticate: Basic realm="Vul je gebruikersnaam en wachtwoord in"');
    header('HTTP/1.0 401 Unauthorized');

    // "No permission" notice with links back to the public index page.
    echo '<div id="noPermission">',
         '<h1> U heeft geen authorisatie om hier te komen.</h1><br>',
         '<div id="noPermissionImage">',
         '<a href="../index.php"></a>',
         '</div>',
         '<h1> <a href="../index.php">Klik hierom terug te gaan naar de index site</a> </h1><br>',
         '</div>';
}
   else{
    //echo $usR;

?>
<script type="text/javascript">
// Id suffix of the "page<N>" element that is currently visible.
var current = "1";

/**
 * Show the element with id "page" + id and hide the one shown before it.
 *
 * Returns false (and does nothing) when the browser lacks
 * document.getElementById; otherwise returns undefined.
 */
function pageSwitch(id) {
	if (!document.getElementById) {
		return false;
	}

	var previous = document.getElementById("page" + current);
	var next = document.getElementById("page" + id);

	// Hide first, then show: the same order as before, so a missing target
	// element fails at the same point.
	previous.style.display = "none";
	next.style.display = "block";
	current = id;
}
</script>
		<style type="text/css" media="screen"><!--
.hiddenDiv {
	display: none;
	}
.visibleDiv {
	display: block;
	border: /1px grey solid;
	}

--></style>
		<!-- Start of Page Header -->
		
	<?php include("include/admin_header.php"); ?>


		<!-- End of Page Header -->
	<?php include("include/admin_menu.php"); ?>

<?php
// Emit the client-side helper delayer(), which sends the browser back to
// productbeheer.php. The markup contains no PHP variables, so a nowdoc is used.
echo <<<'EOT'
	<script type=text/javascript>
		function delayer() {
		    window.location = "productbeheer.php";
		}
	</script>
EOT;
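	// Page size of the product list; also the row count of the SQL LIMIT.
	$productPerPageCount = 25;

	// The page number comes from the query string. Force it to an integer >= 1
	// so that a non-numeric, negative or array value cannot reach the offset
	// calculation.
	$requestedPage = isset($_GET['page']) ? (int) $_GET['page'] : 1;
	if ($requestedPage < 1) {
		$requestedPage = 1;
	}

	// Direct arithmetic instead of a loop that ran once per page: a very large
	// ?page= value no longer costs CPU time proportional to its size.
	$lowerLimit = ($requestedPage - 1) * $productPerPageCount;
	if (!is_int($lowerLimit)) {
		// The product overflowed into a float; fall back to the first page
		// rather than sending a malformed LIMIT clause.
		$requestedPage = 1;
		$lowerLimit = 0;
	}

	// Written back because the pager code further down reads $_GET['page'].
	$_GET['page'] = $requestedPage;

	// "offset,count" pair appended after LIMIT in the product query.
	$limit = $lowerLimit.",".$productPerPageCount;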
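	echo "<div id='main_content'>";
	echo "<div id='super_main_content'>";

	// Defaults for the unfiltered overview, so that the query and pager code
	// below never read undefined variables.
	$where = "";
	$title = "";
	$sub1 = NULL;
	$sub2 = NULL;
	$sub3 = NULL;

	// Category filter from the query string. sub1..sub3 are attacker-controlled:
	// they are URL-encoded inside hrefs, HTML-escaped as link text and
	// SQL-escaped inside the WHERE clause. Non-string values (e.g. sub1[]=x)
	// are treated as absent.
	if(isset($_GET['sub1']) && is_string($_GET['sub1']) && $_GET['sub1'] != "") {
		$sub1 = $_GET['sub1'];
		if(isset($_GET['sub2']) && is_string($_GET['sub2']) && $_GET['sub2'] != "") {
			$sub2 = $_GET['sub2'];
		}
		if(isset($_GET['sub3']) && is_string($_GET['sub3']) && $_GET['sub3'] != "") {
			$sub3 = $_GET['sub3'];
		}

		// Breadcrumb: one link per selected category level.
		$crumbUrl = "productbeheer.php?sub1=".urlencode($sub1);
		$title = "<a href='".$crumbUrl."'>".htmlspecialchars($sub1, ENT_QUOTES)."</a>";
		if($sub2 !== NULL) {
			$title .= "->"."<a href='".$crumbUrl."&amp;sub2=".urlencode($sub2)."'>".
			          htmlspecialchars($sub2, ENT_QUOTES)."</a>";
		}
		if($sub3 !== NULL) {
			// The original concatenation produced a malformed href here; the
			// link now has the same shape as the sub2 one.
			$title .= "->"."<a href='".$crumbUrl."&amp;sub2=".urlencode((string) $sub2).
			          "&amp;sub3=".urlencode($sub3)."'>".
			          htmlspecialchars($sub3, ENT_QUOTES)."</a>";
		}

		// A missing level is compared with the empty string, as before.
		// NOTE(review): mysql_real_escape_string() depends on the connection
		// character set -- confirm it is set with mysql_set_charset().
		$where = "WHERE `sub1` = '".mysql_real_escape_string($sub1)."' ".
		         "AND `sub2` = '".mysql_real_escape_string((string) $sub2)."' ".
		         "AND `sub3` = '".mysql_real_escape_string((string) $sub3)."' ";
	}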
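	// $where and $title are assigned only when a category filter was requested;
	// fall back to empty strings so the unfiltered overview raises no
	// undefined-variable notices.
	// NOTE(review): $where is concatenated into the SQL text as-is, so any
	// request value inside it has to be escaped where it is built.
	$whereClause = isset($where) ? $where : "";
	$breadcrumb = isset($title) ? $title : "";

	// One page of products, discounted items first.
	$productQuery = mysql_query("SELECT `PRODUCT`.`idPRODUCT`, `PRODUCT`.`naam`, `PRODUCT`.`prijs`, ".
	                                   "`PRODUCT`.`omschrijving`, `PRODUCT`.`korting` ".
		                        "FROM `PRODUCT` ".
		                        $whereClause.
		                        "ORDER BY `korting` DESC ".
		                        "LIMIT ".$limit);
	if(!$productQuery || mysql_num_rows($productQuery) == 0) {
		// Failed query or empty result: show a message and let delayer() (the
		// script emitted earlier on this page) redirect after three seconds.
		echo "Categorie niet gevonden. U wordt teruggewezen naar het productoverzicht.";
		echo "<script type='text/javascript'>setTimeout('delayer()', 3000)</script>";
	} else {
		// $breadcrumb is HTML (anchor tags), so it cannot be escaped here; the
		// values inside it must be escaped where it is assembled.
		echo "<h3>"."U bevindt zich hier: ".$breadcrumb."</h3>";
		echo "<div id='product_backbutton'><a href='productbeheer.php'>&larr;Ga terug naar overzicht.</a></div>";
		// Row count of the current result page, not of the whole category.
		echo "<p>Aantal gevonden artikelen: ".mysql_num_rows($productQuery)."</p>";
		echo "<table id='product_table'>";
		echo "<tr>";
		echo "<th></th>";
		echo "<th class='artikelnr'>Artikelnr.</th>";
		echo "<th class='omschrijving'>Omschrijving</th>";
		echo "<th class='prijs'>Prijs</th>";
		echo "<th class='artikelnr'>Aanbieding?</th>";
		#echo "<th class='bestel'></th>";
		echo "</tr>";
		// NOTE(review): values from the PRODUCT table are written into the HTML
		// unescaped. Confirm whether `omschrijving` is meant to carry markup;
		// if not, wrap the row values in htmlspecialchars().
		while($row = mysql_fetch_assoc($productQuery)) {
			// First 100 bytes of the description; the ellipsis is always appended.
			$omschrijving = substr($row['omschrijving'], 0, 100)."...";
			echo "<tr>";
			echo "<td><a href='productbeheerdetail.php?id=".$row['idPRODUCT']."'>Details</a></td>";
			echo "<td>".$row['idPRODUCT']."</td>";
			echo "<td>".$omschrijving."</td>";
			// Show the price with a decimal comma.
			echo "<td>"."&euro; ".str_replace(".", ",", $row['prijs'])."</td>";
			if($row['korting'] != 0) {
				echo "<td>Ja!</td>";
			} else {
				echo "<td>Nee</td>";
			}
			#echo "<td><a href='winkelwagen.php?id=".$row['idPRODUCT']."&action=add'>Bestel!</a></td>";
			echo "</tr>";
		}
		echo "</table>";

	}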
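	echo "<div class='nav'>";

	// Every pager link carries the category filter. sub1..sub3 originate from
	// the query string, so they are URL-encoded before being written into an
	// href; unset levels become empty parameters, as before.
	$filterQuery = "&amp;sub1=".urlencode(isset($sub1) ? (string) $sub1 : "").
	               "&amp;sub2=".urlencode(isset($sub2) ? (string) $sub2 : "").
	               "&amp;sub3=".urlencode(isset($sub3) ? (string) $sub3 : "");

	// Integer page number, never below 1, so only digits end up in the links.
	$currentPage = isset($_GET['page']) ? (int) $_GET['page'] : 1;
	if($currentPage < 1) {
		$currentPage = 1;
	}

	if($currentPage != 1) {
		$page = $currentPage - 1;
		echo "<a href='?page=".$page.$filterQuery."'>Vorige</a>\n";
	}

	// Total number of products under the same filter as the list query.
	// NOTE(review): $where is concatenated into the SQL text as-is, so any
	// request value inside it has to be escaped where it is built.
	$whereClause = isset($where) ? $where : "";
	$productCountQuery = mysql_query("SELECT COUNT(DISTINCT `idPRODUCT`) ".
	                                 "FROM `PRODUCT` ".
	                                 $whereClause);
	if(!$productCountQuery) {
		// Keep the driver error in the server log; echoing it would hand SQL
		// details to whoever triggered the failure.
		error_log("productbeheer count query failed: ".mysql_error());
		die("Query failed, please try again later.");
	}
	$productCount = (int) mysql_result($productCountQuery, 0);
	if($productCount > $productPerPageCount) {
		// Number of pages needed; ceil() rounds up.
		$pagesCount = (int) ceil($productCount / $productPerPageCount);
		for($i = 1; $i <= $pagesCount; $i++) {
			if($currentPage == $i) {
				$pageNav = "<span class='activePage'>".$i."</span>&nbsp;";
			} else {
				$pageNav = "<a href='?page=".$i.$filterQuery."'>".$i."</a>&nbsp;";
			}
			echo $pageNav;
		}
		// Offer "next" only while a later page exists.
		if($currentPage < $pagesCount) {
			$page = $currentPage + 1;
			echo "<a href='?page=".$page.$filterQuery."'>Volgende</a>";
		}
	}
	echo "</div>";
	echo "</div>";
	echo "</div>";
	echo "<div class='clearthis'></div>";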
	?>
	<?php include("include/admin_footer.php"); 
}
?>
